Add provider param to generateResetPasswordToken

[sagar-okta]

PR Checklist

• The commit message follows our guidelines
• Tests for the changes have been added (for bug fixes / features)
• Docs have been added / updated (for bug fixes / features)

PR Type

• Bugfix

What is the current behavior?

The generateResetPasswordToken method does not expose the provider query parameter in the SDK. As a result, callers cannot use the API's federation conversion feature — converting an Okta-credentialed user to a federated user — via the SDK.

Issue Number: OKTA-1141679

What is the new behavior?

The provider query parameter (AuthenticationProviderType) is now exposed as an optional argument on generateResetPasswordToken. Passing provider=FEDERATION converts the user's credential provider to federated, after which they must authenticate through a trusted identity provider and can no longer sign in directly with a password.

This was verified live against the Okta API — calling with provider=FEDERATION returns HTTP 200 and the user's credentials.provider.type changes to FEDERATION.

Does this PR introduce a breaking change?

• No

The new parameter is optional and fully backward compatible. Existing callers omitting provider see no change in behavior.

Other information

• The same parameter is missing from okta-sdk-dotnet — a separate issue should be filed there.
• The OAS spec (management.yaml and management.yaml) was updated and the SDK was regenerated.

Reviewers